Hello Everyone, i have a Problem with 2 Devices, one of them ist with the new M2 Chip and the other One is an Intel Mac. Both of them show me that in jamf: Personal Recovery Key Validation:Unknown
But FileVault 2 Partition Encryption State:Encrypted.
I am able to see the Personal Recovery Key in terminal but there is a Problem with the transfer to Jamf. Ihad tried with jamf recon but nothink happens. Can anyone help please.
Question
FIleVault Key is Unknown M2 Mac
+4
+1Decrypt and encrypt again.
+13On one of the systems, run a policy with the Disk Encryption payload and the Action set to "Issue new Recovery Key", and the Recovery Key type as "Individual". As long as your initial FileVault profile/policy was set to send the keys to Jamf Pro, it should issue and escrow a new key.
There's also a Jamf script that uses the Jamf Helper to prompt the user for their password and then creates a new recovery key. Check the script at https://github.com/jamf/FileVault2_Scripts/blob/master/reissueKey.sh and modify for your needs. It should still work on Apple Silicon.
+4Thank you Very Much, i had tried it on the Device directly with two commands:
sudo fdesetup changerecovery -personal
and then Sudo jamf recon, it works :)
+4i have another question, we also have a hidden Admin Account, whwhich is created during the enrollment, by some Users, i see the Admin Account as FileVault User, how can i change thhis easily ?
+1i have another question, we also have a hidden Admin Account, whwhich is created during the enrollment, by some Users, i see the Admin Account as FileVault User, how can i change thhis easily ?
Hey, can you explain how to create this hidden Admin Account?
+1Thank you Very Much, i had tried it on the Device directly with two commands:
sudo fdesetup changerecovery -personal
and then Sudo jamf recon, it works :)
Also, if possible help me with that; I've tried those 2 commands, runs good, I could see the RecoveryKey on terminal but still showing as unknown on Jamf
+13Hey, can you explain how to create this hidden Admin Account?
Hi.. In the prestage..go to 'account settings' there is a checkbox " Hide managed administrator account in Users & Groups"
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.